Lucene search
K

9 matches found

Mageia
Mageia
added 2019/05/12 9:35 a.m.25 views

Updated svgsalamander packages fix security vulnerability

A vulnerability was found in the svgsalamander library. If the library is being used in a web application for processing user supplied SVG files then the app is vulnerable to SSRF CVE-2017-5617...

7.4CVSS1.5AI score0.01992EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/05/02 12:0 a.m.18 views

Fedora 30 : svgsalamander (2019-735d3953e8)

New upstream release with security fix for CVE-2017-5617 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...

7.4CVSS7.2AI score0.01992EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/03/29 12:0 a.m.20 views

Fedora 29 : svgsalamander (2019-3cbce64a64)

New upstream release with security fix for CVE-2017-5617 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...

7.4CVSS7.2AI score0.01992EPSS
Exploits0References2
NVD
NVD
added 2017/03/16 3:59 p.m.14 views

CVE-2017-5617

The SVG Salamander aka svgSalamander library, when used in a web application, allows remote attackers to conduct server-side request forgery SSRF attacks via an xlink:href attribute in an SVG file...

7.4CVSS7.3AI score0.01992EPSS
Exploits0References8
OSV
OSV
added 2017/03/16 3:59 p.m.5 views

CVE-2017-5617

The SVG Salamander aka svgSalamander library, when used in a web application, allows remote attackers to conduct server-side request forgery SSRF attacks via an xlink:href attribute in an SVG file...

7.4CVSS7.3AI score
Exploits0References8
CVE
CVE
added 2017/03/16 3:0 p.m.96 views

CVE-2017-5617

SVG Salamander (svgSalamander) is affected by CVE-2017-5617: a crafted SVG file can trigger server-side request forgery (SSRF) via an xlink:href attribute in web applications using the library. The vulnerability impacts the SVG rendering component and is described in multiple advisories (e.g., GL...

7.4CVSS7.2AI score0.01992EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2017/03/16 3:0 p.m.19 views

CVE-2017-5617

The SVG Salamander aka svgSalamander library, when used in a web application, allows remote attackers to conduct server-side request forgery SSRF attacks via an xlink:href attribute in an SVG file...

7.2AI score0.01992EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2017/02/06 12:0 a.m.34 views

Debian DSA-3781-1 : svgsalamander - security update

Luc Lynx discovered that SVG Salamander, a SVG engine for Java was susceptible to server side request forgery. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-3781. The text itself is...

7.4CVSS7.2AI score0.01992EPSS
Exploits0References3
Debian
Debian
added 2017/02/05 5:45 p.m.13 views

[SECURITY] [DSA 3781-1] svgsalamander security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3781-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff February 05, 2017 https://www.debian.org/security/faq -...

7.4CVSS7.3AI score0.01992EPSS
Exploits0
Rows per page
Query Builder